Building a Windows Server 2003 Standard Edition
Windows Server 2003 Standard Edition is quite a common platform in schools not least because it has a lower price tag than the Enterprise Edition. This article shows a step-by-step routine for installing this popular system in your school. I've included some vm specifications that might suit your environment.
Choose "Server 2003 Standard" as the version. Use an 8GB hard drive. Keep 384MB of ram. Remove the floppy drive and audio card. Configure the NIC for your own network.
- Hostname: 2003s-01
- Domain Name: No domain used initially
Use the entire disk (8gb)
Passwords and other Naming Conventions
When naming machines using Linux always use lower-case. In addition there are other components to consider when thinking of a naming convention and so here are some other helpers...
|Licencing Mode:||Per Device or Per User|
Use DHCP (the default) and keep in a WORKGROUP for now.
Log on to the new machine as administrator and install vmware tools without shared folders. Synchronize the clocks.
Configure the VM to not connect to the CD ROM on boot up.
First Snap-Shot (virtual environments)
Create the first snap-shot and call it Clean-Build. Add notes to the snap-shot describing how we got here!
Download all updates and service packs. If you need service pack 2 it does take quite a long time to download and install.
Second Snap-Shot (virtual environments)
Create the second snap-shot and call it Updates. As usual add notes.
If you want to use the vm as a template, now's the time to sysprep and make a template of it.
Sysprep.exe -reseal -quiet -mini
Create a new admin account and disable the old one:
Create a Domain Controller
Static IP address of 192.168.1.254 subnet 255.255.255.0
gateway 192.168.1.1 dns 192.168.1.1, create a snapshot!
Rename the server YourServerName
Create a domain controller using the wizard
Restore Mode Password: xxxxxxx
This step requires the cd for Server 2003 (not the Service Pack 2 disk!)
Define the file server role using the wizard. Create a new 30GB hard drive (Z: drive, Data). Setup 200MB default quota, denying space exceeders. Create the shares that are needed:
Set up the shares with appropriate permissions
- HomeITSupport$: ITSupport have full “Share” permissions. Security tab can be left with default settings.
- HomeStaff$: ITSupport and Staff have full “Share” permissions. Security tab can be left with default settings.
- HomeStudents$: ITSupport and Students have full “Share” permissions. Security tab can be left with default settings.
- ProfileStaff$: Staff have full “Share” permissions. Security tab can be left with default settings.
- ProfileStudents$: Students have full “Share” permissions. Security tab can be left with default settings.
- MultiUsers/Staff: ITSupport and Staff have full “Share” permissions. All other groups are removed using the Security tab, and ITSupport and Staff have Full Control.
Users and Computers
Using Active Directory setup the OU structure as follows.
SiteName > Users > Students, Staff and ITSupport
SiteName > Computers > Classroom and Office
Staff, Students, ITSupport. In AD right-click on sitename.local and “Raise Domain Functional Level. Make ITSupport a member of Enterprise Admins and Domain Admins.
Group Policy Management Console
- Download and install the Group Policy Management Console with Service Pack 1.
- Default Domain Policy:
Change Maximum Password Age to 365 days
Change Minimum Password Length to 6
Disable Complex Passwords
Volume Shadow Service
This is the service that enables Previous Versions.
Create a new 8GB hard drive V:/. Then right-click on Z:/ drive and choose Shadow Copies, Settings. Set the Z:/ drive to use V:/ drive for it's shadow copy. Limit size to 7000MB. Configure the schedule to happen 06.00 and 12.00 every day.
Users and templates
- Create a “Default User” profile for XP users
- Steven – Member of NetworkAdmins, network home directory
- Teacher-01 – Member of Staff group, network profile, network home directory
- Student-01 – Member of the Students group, network profile, network home directory
- NetworkAdmin-01 – Member of the NetworkAdmins group, network home directory.
Print.vbs and various login scripts.
If you require remote access now is the time to set this up.
Install Logmein for this server. Enable RDP for the NetworkAdmins group. Install VNC viewer on the server in order to access the Linux host and any other machine that may be required.
Turn off the automatic updates feature. With servers it is generally considered good practice to apply updates yourself, then you will be in more control of the state of your servers.
Thanks for visiting.